Security Enhanced Linux
What's New
Frequently Asked Questions
Background
Documents
License
Download
Participating
Mail List
Archives
Remaining Work
Contributors
Related Work
Press Releases
Information Assurance Research
NIARL In-house Research Areas
Mathematical Sciences Program
Sabbaticals
Computer & Information Sciences Research
Technology Transfer
Advanced Computing
Advanced Mathematics
Communications & Networking
Information Processing
Microelectronics
Other Technologies
Technology Fact Sheets
Publications
Related Links
|
SELinux Mailing List[patch] enhanced MLS support
From: Darrel Goeddel <dgoeddel_at_TrustedCS.com>
Date: Mon, 17 Jan 2005 17:13:06 -0600
I have attached patches which provides many enhancements to the MLS support within SELinux - highlights are listed below. The patches a are against the latest sourceforge CVS tree. The kern-0117.patch applies to the nsa/linux-2.6 tree and the usr-0117.patch applies to the nsa/selinux-usr tree. We have been using this code for a while and have had several set of eyes go over it - we are now presenting this for inclusion into the mainline SELinux tree. We appreciate all feedback and will attempt to answer all questions. Thanks. Darrel
Replaced the existing MLS logic with a flexible system based on the current
constraints language. The constraints were extended to include operations for
levels. This allows for configurable overrides of MLS policy rather than using
the previous hardcoded attributes. It also allows for a more flexible MLS
policy: you can choose a strict BLP model or a modified BLP model which does
not allow write-up, you can limit a class to be "single level", etc... The
Added validatetrans statements to the policy which are used along with
constraints. The syntax for these statements is the same the syntax for
constraints with three additional expressions available: "u3 op names",
The MLS levels of a subject are used as a sensitivity level (low) and a clearance (high). The user MLS properties have accordingly been modified from a list of ranges to a default level and an allowable range. The high of the allowable range acts as the process clearance, and the default levels The compile time options for MLS support have been replaced with runtime options/detection. This will allow a vendor to ship one set of tools and one kernel to support both MLS and non-MLS enabled policies. The kernel will automatically determine the MLS status of a policy when it is read. MLS specific checks will be short-circuited if a non-MLS policy is being used. Checkpolicy now uses the "-M" option to work with MLS policies. Libsepol will will automatically determine the status of MLS support when a policy is read (like the kernel). There is also a interface to set the MLS status - this is used when checkpolicy is writing the policy. The binary policy version was incremented to accommodate these changes. The userspace tools and the kernel will still work with older non-MLS binary polices. Checkpolicy (and libsepol) can still work with and create older non-MLS binary policies and the kernel can still use older non-MLS binary policies. Previous versions of binary policies with MLS support can not be used or created with the new tools/kernel.
-- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.Received on Mon 17 Jan 2005 - 18:12:10 EST |
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |